ETCD简介
我了解etcd是从k8s开始,作为k8s的信息存储以及服务注册和发现。etcd是使用go语言编写,如果使用源码包必须在go语言环境下进行编译。etcd的存储和redis有点类似都是使用的键值对(key-value),不同点是etcd强调的是各节点的通信,而redis是主从同步读写分离。etcd的存储使用了raft算法,能够实现分布式系统数据的可用性和一致性,并且速度较快,根据官方提供的benchmark数据,单个实例每秒2k+读操作,使用ssl证书验证比较安全,安装比较简单,可以提供API进行交互。
二进制安装etcd
先下载已经编译好的etcd包,然后我们可以直接测试一下运行效果,我这里使用的是最新版3.4.6版本。
[root@www.wulaoer.org ~]# wget https://github.com/etcd-io/etcd/releases/download/v3.4.6/etcd-v3.4.6-linux-amd64.tar.gz [root@www.wulaoer.org ~]# tar -zxf etcd-v3.4.6-linux-amd64.tar.gz [root@www.wulaoer.org ~]# mv etcd-v3.4.6-linux-amd64 /usr/local/etcd
解压后进入etcd目录,这里有两个文件需要注意。etcd是启动文件,etcdctl是客户端文件,不需要编译可以直接启动。
[root@www.wulaoer.org ~]# cd /usr/local/etcd/ [root@www.wulaoer.org etcd]# ls Documentation etcd etcdctl README-etcdctl.md README.md READMEv2-etcdctl.md
我先启动一下看看etcd的日志
[root@www.wulaoer.org etcd]# ./etcd
[WARNING] Deprecated '--logger=capnslog' flag is set; use '--logger=zap' flag instead
2020-04-03 19:20:42.065853 I | etcdmain: etcd Version: 3.4.6
2020-04-03 19:20:42.065892 I | etcdmain: Git SHA: bdc9bc1d8
2020-04-03 19:20:42.065895 I | etcdmain: Go Version: go1.12.12
2020-04-03 19:20:42.065897 I | etcdmain: Go OS/Arch: linux/amd64
2020-04-03 19:20:42.065900 I | etcdmain: setting maximum number of CPUs to 4, total number of available CPUs is 4
2020-04-03 19:20:42.065906 W | etcdmain: no data-dir provided, using default data-dir ./default.etcd
[WARNING] Deprecated '--logger=capnslog' flag is set; use '--logger=zap' flag instead
2020-04-03 19:20:42.067436 I | embed: name = default
2020-04-03 19:20:42.067450 I | embed: data dir = default.etcd
2020-04-03 19:20:42.067456 I | embed: member dir = default.etcd/member
2020-04-03 19:20:42.067460 I | embed: heartbeat = 100ms
2020-04-03 19:20:42.067464 I | embed: election = 1000ms
2020-04-03 19:20:42.067468 I | embed: snapshot count = 100000
2020-04-03 19:20:42.067483 I | embed: advertise client URLs = http://localhost:2379
2020-04-03 19:20:42.249768 I | etcdserver: starting member 8e9e05c52164694d in cluster cdf818194e3a8c32
raft2020/03/30 19:20:42 INFO: 8e9e05c52164694d switched to configuration voters=()
raft2020/03/30 19:20:42 INFO: 8e9e05c52164694d became follower at term 0
raft2020/03/30 19:20:42 INFO: newRaft 8e9e05c52164694d [peers: [], term: 0, commit: 0, applied: 0, lastindex: 0, lastterm: 0]
raft2020/03/30 19:20:42 INFO: 8e9e05c52164694d became follower at term 1
raft2020/03/30 19:20:42 INFO: 8e9e05c52164694d switched to configuration voters=(10276657743932975437)
2020-04-03 19:20:42.252430 W | auth: simple token is not cryptographically signed
2020-04-03 19:20:42.253342 I | etcdserver: starting server... [version: 3.4.6, cluster version: to_be_decided]
2020-04-03 19:20:42.253886 I | etcdserver: 8e9e05c52164694d as single-node; fast-forwarding 9 ticks (election ticks 10)
raft2020/03/30 19:20:42 INFO: 8e9e05c52164694d switched to configuration voters=(10276657743932975437)
2020-04-03 19:20:42.254360 I | etcdserver/membership: added member 8e9e05c52164694d [http://localhost:2380] to cluster cdf818194e3a8c32
2020-04-03 19:20:42.255420 I | embed: listening for peers on 127.0.0.1:2380
raft2020/03/30 19:20:42 INFO: 8e9e05c52164694d is starting a new election at term 1
raft2020/03/30 19:20:42 INFO: 8e9e05c52164694d became candidate at term 2
raft2020/03/30 19:20:42 INFO: 8e9e05c52164694d received MsgVoteResp from 8e9e05c52164694d at term 2
raft2020/03/30 19:20:42 INFO: 8e9e05c52164694d became leader at term 2
raft2020/03/30 19:20:42 INFO: raft.node: 8e9e05c52164694d elected leader 8e9e05c52164694d at term 2
2020-04-03 19:20:42.751679 I | etcdserver: published {Name:default ClientURLs:[http://localhost:2379]} to cluster cdf818194e3a8c32
2020-04-03 19:20:42.751743 I | etcdserver: setting up the initial cluster version to 3.4
2020-04-03 19:20:42.751893 I | embed: ready to serve client requests
2020-04-03 19:20:42.752034 N | etcdserver/membership: set the initial cluster version to 3.4
2020-04-03 19:20:42.752199 I | etcdserver/api: enabled capabilities for version 3.4
2020-04-03 19:20:42.752698 N | embed: serving insecure client requests on 127.0.0.1:2379, this is strongly discouraged!
单机安装,所有都是默认设置,这里连接的客户端地址是使用localhost,只能本机连接,如果我们想让所有客户端都可以连接etcd,需要在启动的时候把客户端的localhost改成0.0.0.0.这里注意,我使用的是最新版本的etcd,但是最新版的etcd和老版本在使用上有一些区别,看看两者的命令,这是etcd3.4.6版本的命令:
[root@www.wulaoer.org etcd]# etcdctl --help
NAME:
etcdctl - A simple command line client for etcd3.
USAGE:
etcdctl [flags]
VERSION:
3.4.6
API VERSION:
3.4
COMMANDS:
alarm disarm Disarms all alarms
alarm list Lists all alarms
auth disable Disables authentication
auth enable Enables authentication
check datascale Check the memory usage of holding data for different workloads on a given server endpoint.
check perf Check the performance of the etcd cluster
compaction Compacts the event history in etcd
defrag Defragments the storage of the etcd members with given endpoints
del Removes the specified key or range of keys [key, range_end)
elect Observes and participates in leader election
endpoint hashkv Prints the KV history hash for each endpoint in --endpoints
endpoint health Checks the healthiness of endpoints specified in `--endpoints` flag
endpoint status Prints out the status of endpoints specified in `--endpoints` flag
get Gets the key or a range of keys
help Help about any command
lease grant Creates leases
lease keep-alive Keeps leases alive (renew)
lease list List all active leases
lease revoke Revokes leases
lease timetolive Get lease information
lock Acquires a named lock
make-mirror Makes a mirror at the destination etcd cluster
member add Adds a member into the cluster
member list Lists all members in the cluster
member promote Promotes a non-voting member in the cluster
member remove Removes a member from the cluster
member update Updates a member in the cluster
migrate Migrates keys in a v2 store to a mvcc store
move-leader Transfers leadership to another etcd cluster member.
put Puts the given key into the store
role add Adds a new role
role delete Deletes a role
role get Gets detailed information of a role
role grant-permission Grants a key to a role
role list Lists all roles
role revoke-permission Revokes a key from a role
snapshot restore Restores an etcd member snapshot to an etcd directory
snapshot save Stores an etcd node backend snapshot to a given file
snapshot status Gets backend snapshot status of a given file
txn Txn processes all the requests in one transaction
user add Adds a new user
user delete Deletes a user
user get Gets detailed information of a user
user grant-role Grants a role to a user
user list Lists all users
user passwd Changes password of user
user revoke-role Revokes a role from a user
version Prints the version of etcdctl
watch Watches events stream on keys or prefixes
OPTIONS:
--cacert="" verify certificates of TLS-enabled secure servers using this CA bundle
--cert="" identify secure client using this TLS certificate file
--command-timeout=5s timeout for short running command (excluding dial timeout)
--debug[=false] enable client-side debug logging
--dial-timeout=2s dial timeout for client connections
-d, --discovery-srv="" domain name to query for SRV records describing cluster endpoints
--discovery-srv-name="" service name to query when using DNS discovery
--endpoints=[127.0.0.1:2379] gRPC endpoints
-h, --help[=false] help for etcdctl
--hex[=false] print byte strings as hex encoded strings
--insecure-discovery[=true] accept insecure SRV records describing cluster endpoints
--insecure-skip-tls-verify[=false] skip server certificate verification
--insecure-transport[=true] disable transport security for client connections
--keepalive-time=2s keepalive time for client connections
--keepalive-timeout=6s keepalive timeout for client connections
--key="" identify secure client using this TLS key file
--password="" password for authentication (if this option is used, --user option shouldn't include password)
--user="" username[:password] for authentication (prompt if password is not supplied)
-w, --write-out="simple" set the output format (fields, json, protobuf, simple, table)
下面是etcd3.3.10版本的命令:
[root@www.wulaoer.org etcd]# ./etcdctl --help
NAME:
etcdctl - A simple command line client for etcd.
WARNING:
Environment variable ETCDCTL_API is not set; defaults to etcdctl v2.
Set environment variable ETCDCTL_API=3 to use v3 API or ETCDCTL_API=2 to use v2 API.
USAGE:
etcdctl [global options] command [command options] [arguments...]
VERSION:
3.3.10
COMMANDS:
backup backup an etcd directory
cluster-health check the health of the etcd cluster
mk make a new key with a given value
mkdir make a new directory
rm remove a key or a directory
rmdir removes the key if it is an empty directory or a key-value pair
get retrieve the value of a key
ls retrieve a directory
set set the value of a key
setdir create a new directory or update an existing directory TTL
update update an existing key with a given value
updatedir update an existing directory
watch watch a key for changes
exec-watch watch a key for changes and exec an executable
member member add, remove and list subcommands
user user add, grant and revoke subcommands
role role add, grant and revoke subcommands
auth overall auth controls
help, h Shows a list of commands or help for one command
GLOBAL OPTIONS:
--debug output cURL commands which can be used to reproduce the request
--no-sync don't synchronize cluster information before sending request
--output simple, -o simple output response in the given format (simple, `extended` or `json`) (default: "simple")
--discovery-srv value, -D value domain name to query for SRV records describing cluster endpoints
--insecure-discovery accept insecure SRV records describing cluster endpoints
--peers value, -C value DEPRECATED - "--endpoints" should be used instead
--endpoint value DEPRECATED - "--endpoints" should be used instead
--endpoints value a comma-delimited list of machine addresses in the cluster (default: "http://127.0.0.1:2379,http://127.0.0.1:4001")
--cert-file value identify HTTPS client using this SSL certificate file
--key-file value identify HTTPS client using this SSL key file
--ca-file value verify certificates of HTTPS-enabled servers using this CA bundle
--username value, -u value provide username[:password] and prompt if password is not supplied.
--timeout value connection timeout per request (default: 2s)
--total-timeout value timeout for the command execution (except watch) (default: 5s)
--help, -h show help
--version, -v print the version
从命令上来看,两者的命令差别有点大,可能是合并了,后期会好好研究一下,etcd3.4.6使用授权客户端连接如下:
[root@www.wulaoer.org etcd]# ./etcd --listen-client-urls http://0.0.0.0:2379 --advertise-client-urls http://0.0.0.0:2379
[WARNING] Deprecated '--logger=capnslog' flag is set; use '--logger=zap' flag instead
2020-04-03 16:01:27.777133 I | etcdmain: etcd Version: 3.4.6
2020-04-03 16:01:27.777620 I | etcdmain: Git SHA: bdc9bc1d8
2020-04-03 16:01:27.777623 I | etcdmain: Go Version: go1.12.12
2020-04-03 16:01:27.777626 I | etcdmain: Go OS/Arch: linux/amd64
2020-04-03 16:01:27.777629 I | etcdmain: setting maximum number of CPUs to 4, total number of available CPUs is 4
2020-04-03 16:01:27.777651 W | etcdmain: no data-dir provided, using default data-dir ./default.etcd
2020-04-03 16:01:27.777698 N | etcdmain: the server is already initialized as member before, starting as etcd member...
[WARNING] Deprecated '--logger=capnslog' flag is set; use '--logger=zap' flag instead
2020-04-03 16:01:27.779002 I | embed: name = default
2020-04-03 16:01:27.779008 I | embed: data dir = default.etcd
2020-04-03 16:01:27.779011 I | embed: member dir = default.etcd/member
2020-04-03 16:01:27.779013 I | embed: heartbeat = 100ms
2020-04-03 16:01:27.779015 I | embed: election = 1000ms
2020-04-03 16:01:27.779017 I | embed: snapshot count = 100000
2020-04-03 16:01:27.779024 I | embed: advertise client URLs = http://0.0.0.0:2379
2020-04-03 16:01:27.779027 I | embed: initial advertise peer URLs = http://localhost:2380
2020-04-03 16:01:27.779030 I | embed: initial cluster =
2020-04-03 16:01:27.780390 I | etcdserver: restarting member 8e9e05c52164694d in cluster cdf818194e3a8c32 at commit index 6
raft2020/03/31 16:01:27 INFO: 8e9e05c52164694d switched to configuration voters=()
raft2020/03/31 16:01:27 INFO: 8e9e05c52164694d became follower at term 3
raft2020/03/31 16:01:27 INFO: newRaft 8e9e05c52164694d [peers: [], term: 3, commit: 6, applied: 0, lastindex: 6, lastterm: 3]
2020-04-03 16:01:27.783833 W | auth: simple token is not cryptographically signed
2020-04-03 16:01:27.784624 I | etcdserver: starting server... [version: 3.4.6, cluster version: to_be_decided]
raft2020/03/31 16:01:27 INFO: 8e9e05c52164694d switched to configuration voters=(10276657743932975437)
2020-04-03 16:01:27.785120 I | etcdserver/membership: added member 8e9e05c52164694d [http://localhost:2380] to cluster cdf818194e3a8c32
2020-04-03 16:01:27.785176 N | etcdserver/membership: set the initial cluster version to 3.4
2020-04-03 16:01:27.785196 I | etcdserver/api: enabled capabilities for version 3.4
2020-04-03 16:01:27.786156 I | embed: listening for peers on 127.0.0.1:2380
raft2020/03/31 16:01:29 INFO: 8e9e05c52164694d is starting a new election at term 3
raft2020/03/31 16:01:29 INFO: 8e9e05c52164694d became candidate at term 4
raft2020/03/31 16:01:29 INFO: 8e9e05c52164694d received MsgVoteResp from 8e9e05c52164694d at term 4
raft2020/03/31 16:01:29 INFO: 8e9e05c52164694d became leader at term 4
raft2020/03/31 16:01:29 INFO: raft.node: 8e9e05c52164694d elected leader 8e9e05c52164694d at term 4
2020-04-03 16:01:29.482308 I | etcdserver: published {Name:default ClientURLs:[http://0.0.0.0:2379]} to cluster cdf818194e3a8c32
2020-04-03 16:01:29.482445 I | embed: ready to serve client requests
2020-04-03 16:01:29.483553 N | embed: serving insecure client requests on [::]:2379, this is strongly discouraged!
这里需要注意:etcd有要求,如果--listen-client-urls被设置了,那么就必须同时设置--advertise-client-urls,所以即使设置和默认相同,也必须显式设置。
配置信息
这里需要执行etcd文件才可以启动etcd服务,所以我们需要配置一下使用系统命令启动,先把二进制文件copy到系统bin目录下
[root@www.wulaoer.org etcd]# cp etcd* /usr/local/bin/
这样就不需要进到etcd目录下执行etcd启动了,下面配置etcd的信息
[root@www.wulaoer.org ~]# mkdir /usr/local/etcd/data #etcd数据路径 [root@www.wulaoer.org ~]# mkdir /usr/local/etcd/config #配置文件路径 [root@www.wulaoer.org ~]# cat <<EOF | tee /usr/local/etcd/config/etcd.conf > #节点名称 > ETCD_NAME=$(hostname -s) > #数据存放位置 > ETCD_DATA_DIR=/usr/local/etcd/data > EOF #节点名称 ETCD_NAME=www.wulaoer.org #数据存放位置 ETCD_DATA_DIR=/usr/local/etcd/data [root@www.wulaoer.org ~]# [root@www.wulaoer.org ~]# cat <<EOF | tee /etc/systemd/system/etcd.service > [Unit] > Description=Etcd Server > Documention=https://github.com/coreos/etcd > After=network.target > [Service] > User=root > Type=notify > EnvironmentFile=/usr/local/etcd/config/etcd.conf > ExecStart=/usr/local/etcd/data > RestartSec=10s > LimitNOFILE=40000 > [Install] > WantedBy=multi-user.target > EOF [Unit] Description=Etcd Server Documention=https://github.com/coreos/etcd After=network.target [Service] User=root Type=notify EnvironmentFile=/usr/local/etcd/config/etcd.conf ExecStart=/usr/local/etcd/etcd RestartSec=10s LimitNOFILE=40000 [Install] WantedBy=multi-user.target
设置etcd开机自启动,然后启动etcd服务
[root@www.wulaoer.org etcd]# systemctl daemon-reload && systemctl enable etcd && systemctl start etcd
源码安装
源码安装etcd需要配置go环境,因为etcd是使用go语言编写的,所以先安装go,可以参考:https://www.wulaoer.org/?p=885 这里就不在叙述了,直接下载源码包。
[root@www.wulaoer.org ~]# go version go version go1.12.6 linux/amd64
配置好go以后需要下载etcd的源码包,然后直接编译。
[root@www.wulaoer.org ~]# git clone https://github.com/coreos/etcd.git [root@www.wulaoer.org ~]# cd etcd [root@www.wulaoer.org etcd]# ./build
这里注意,在编译的过程中需要使用到go的包。但是go的包都是在国外的服务器上,所以需要翻墙,如果能翻墙编译没有问题,如果不能翻墙,编译会一直卡着。编译成功后,会在etcd目录下生成一个bin目录,在bin目录下会创建etcd的服务端和客户端的执行文件。
yum安装etcd
如果我们只是为了学习etcd的用法,比较建议使用yum安装,因为使用yum安装比较简单,不需要考虑其他的环境,直接yum即可,如果对版本有要求,建议使用二进制安装。
[root@www.wulaoer.org ~]# yum -y install etcd [root@www.wulaoer.org ~]# yum list installed |grep -i etcd etcd.x86_64 3.3.11-2.el7.centos @extras [root@www.wulaoer.org ~]# cp /etc/etcd/etcd.conf /etc/etcd/etcd.conf.back [root@www.wulaoer.org ~]# cd /etc/etcd/
这里是etcd的配置文件,我们可以在这里配置etcd的客户端连接信息,以及集群的信息
[root@www.wulaoer.org etcd]# grep ^[A-Z] etcd.conf ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_CLIENT_URLS="http://localhost:2379" ETCD_NAME="default" ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"
启动一下etcd服务,然后验证一下etcd的状态
[root@www.wulaoer.org etcd]# systemctl start etcd.service [root@www.wulaoer.org etcd]# etcdctl cluster-health member 8e9e05c52164694d is healthy: got healthy result from http://localhost:2379 cluster is healthy [root@www.wulaoer.org etcd]# etcdctl member list 8e9e05c52164694d: name=default peerURLs=http://localhost:2380 clientURLs=http://localhost:2379 isLeader=true
使用yum安装etcd成功,也可以查看yum的etcd的安装包,然后根据自己的需求安装etcd的安装包。
[root@www.wulaoer.org ~]# yum list|grep etcd etcd.x86_64 3.3.11-2.el7.centos @extras netcdf.x86_64 4.3.3.1-5.el7 epel netcdf-cxx.x86_64 4.2-8.el7 epel netcdf-cxx-devel.x86_64 4.2-8.el7 epel netcdf-cxx-static.x86_64 4.2-8.el7 epel netcdf-devel.x86_64 4.3.3.1-5.el7 epel netcdf-fortran.x86_64 4.2-16.el7 epel netcdf-fortran-devel.x86_64 4.2-16.el7 epel netcdf-fortran-mpich.x86_64 4.2-16.el7 epel netcdf-fortran-mpich-devel.x86_64 4.2-16.el7 epel netcdf-fortran-mpich-static.x86_64 4.2-16.el7 epel netcdf-fortran-openmpi.x86_64 4.2-16.el7 epel netcdf-fortran-openmpi-devel.x86_64 4.2-16.el7 epel netcdf-fortran-openmpi-static.x86_64 4.2-16.el7 epel netcdf-fortran-static.x86_64 4.2-16.el7 epel netcdf-mpich.x86_64 4.3.3.1-5.el7 epel netcdf-mpich-devel.x86_64 4.3.3.1-5.el7 epel netcdf-mpich-static.x86_64 4.3.3.1-5.el7 epel netcdf-openmpi.x86_64 4.3.3.1-5.el7 epel netcdf-openmpi-devel.x86_64 4.3.3.1-5.el7 epel netcdf-openmpi-static.x86_64 4.3.3.1-5.el7 epel netcdf-static.x86_64 4.3.3.1-5.el7 epel netcdf4-python.x86_64 1.2.7-4.el7 epel octave-netcdf.x86_64 1.0.6-1.el7 epel python2-netcdf4.x86_64 1.2.7-4.el7 epel python36-netcdf4.x86_64 1.2.7-4.el7 epel
根据自己的需要安装相应的etcd即可。
docker安装etcd
使用docker安装etcd,需要我们先安装docker,可以参考:https://www.wulaoer.org/?p=260
[root@www.wulaoer.org ~]# docker version Client: Version: 17.12.1-ce API version: 1.35 Go version: go1.9.4 Git commit: 7390fc6 Built: Tue Feb 27 22:15:20 2018 OS/Arch: linux/amd64 Server: Engine: Version: 17.12.1-ce API version: 1.35 (minimum version 1.12) Go version: go1.9.4 Git commit: 7390fc6 Built: Tue Feb 27 22:17:54 2018 OS/Arch: linux/amd64 Experimental: false
docker环境已经做好了,下面直接pull一下etcd的镜像,然后运行镜像即可。
[root@www.wulaoer.org ~]# docker pull quay.io/coreos/etcd Using default tag: latest latest: Pulling from coreos/etcd ff3a5c916c92: Pull complete 96b0e24539ea: Pull complete d1eca4d01894: Pull complete ad732d7a61c2: Pull complete 8bc526247b5c: Pull complete 5f56944bb51c: Pull complete Digest: sha256:5b6691b7225a3f77a5a919a81261bbfb31283804418e187f7116a0a9ef65d21d Status: Downloaded newer image for quay.io/coreos/etcd:latest
镜像已经拉取成功,这个时候我们需要创建一个容器,这里需要注意。映射的端口不能被占用,所以在创建之前最后查看一下端口好是否被占用。
[root@www.wulaoer.org ~]# docker run -it --rm -p 2379:2379 -p 2380:2380 --name etcd -it -d quay.io/coreos/etcd 767fe90729c9ab6df57c237a51d247944eaa5e6f86e93323e2206b38f3339cec
验证一下etcd是否创建成功
[root@www.wulaoer.org ~]# docker exec -it etcd etcdctl member list 8e9e05c52164694d: name=default peerURLs=http://localhost:2380 clientURLs=http://localhost:2379 isLeader=true
到现在单机etcd的安装三种方法已经完成,下面我们尝试一下etcd的基本使用
etcd使用
创建键值对
[root@www.wulaoer.org etcd]# ./etcdctl put foo "Hello World" OK
获取键值对
[root@www.wulaoer.org etcd]# ./etcdctl get foo foo Hello World
删除键值对
[root@www.wulaoer.org etcd]# ./etcdctl del foo 1 [root@www.wulaoer.org etcd]# ./etcdctl get foo
这只是etcd的一些基本使用,在后面会有一章针对etcd的使用单独说明。没有了,就先写到这吧,没事看些其他的去吧。。。。
您可以选择一种方式赞助本站
支付宝扫一扫赞助
微信钱包扫描赞助
赏